Last update at :2024-06-13,Edit by888u
Generally when we log in and access shopping and membership websites, we will see that the URL in the address bar is slightly different from our ordinary website access, especially at the front end of the URL address bar, we will see green or other Color-coded, this is what we call an HTTPS address, encrypted using an SSL security certificate. Encrypt the transmission of user information under certain circumstances.
At the end of last year, Google announced that it would give a certain weight increase to websites with SSL certificates. However, search engines in mainland China have not yet said this, but we also saw the official website when we visited Baidu. Enable HTTPS addresses. Snail believes that no matter whether it adds weight to the website, if our website is in the form of member interaction, especially for the transmission of personal information, it is still necessary to add an SSL certificate to such websites.
Regarding the acquisition of SSL certificate, if we are using STARTSSL or WoSign free SSL application, we can refer to \\"Free WoSign digital certificate SSL application process Chinese interface to issue certificate quickly\\" and \\ "StartSSL application process allows the website to have a free SSL certificate\\" The article applies for free SSL deployment learning. If we need to use a regular website, it is recommended to purchase a paid SSL certificate.
In this article, Lao Jiang will share how we installed SSL on the LNMP one-click package (Junge) and deployed our site to be accessed through HTTPS.
The first step is to prepare for basic deployment of HTTPS
A – We need to use the LNMP one-click package to install it in our existing VPS environment. If it is not installed or is not clear, you can refer to the article "Basic Tutorial Directory of LNMP One-click Installation Package".
B – Snail here uses WoSign’s free SSL as a demonstration, so I have applied for free SSL, and after decompressing the certificate file, we can see that there are various environments in it.
Because we are using the NGINX WEB environment here, we need to decompress the FOR NGINX.ZIP file package and then see a CRT and a KEY file.
Step 2, upload and deploy SSL certificate
A – Upload the above CRT and KEY files to the VPS ROOT directory, and then modify them to SSL.CRT and SSL.KEY file names, or we can use them as other commands.
B – Decrypt private key and set permissions
openssl rsa -in ssl.key -out /root/ssl.keychmod 600 /root/ssl.key
Log in to SSH and execute the above two lines of script to decrypt the private key and authorization.
Step 3: Deploy site SSL settings in LNMP environment
We need to add a site to the existing LNMP, and then set it in the CONF file corresponding to the site.
In the \\"/usr/local/nginx/conf/vhost/\\" directory file, find the conf file of the corresponding site, and then modify the settings as follows
server{listen 80; listen 443 ssl;#listen [::]:80;ssl on; ssl_certificate /root/ssl.crt; ssl_certificate_key /root/ssl.key;server_name laozuo.org www.laozuo.org;
The red marked part above was added by me. The corresponding path must correspond to the path of the CRT and KEY files uploaded before, and the file name must not be mistaken.
Finally, we restart LNMP and see that the SSL certificate takes effect and the site can be accessed via HTTPS.
If we need to force HTTPS URL access, then we need to remove the listen 80; script.
To summarize, through the above steps, we can basically complete the deployment of HTTPS site URL. For those who need to optimize the environment and improve efficiency, we will share it later after learning.
Recommended site search: Japan's fastest server, Hong Kong server, how to rent a server, German server, Google's permanently free server, US free space, Ministry of Industry and Information Technology website registration system http proxy ip, US vps server, virtual space host,
发表评论